On Wed, 14 Mar 2012, David B Funk wrote:
One clue: "X-Originating-IP: [41.189.207.189]"
Check the various RBL hits on that address. ;)
Are there existing plugins for this?
Is there a way to check a range to see if it's part of a known
blacklisted botnet?
The "cbl.abuseat.org" RBL explicitly
On Wed, 14 Mar 2012, Alex wrote:
I actually created a bunch of those already, and would appreciate if
someone would check my work:
uri LOC_WP
m{https?://.[^/]+/(wp-content|modules/mod_wdbanners|wp-admin|wp-includes|cruise/wp-content|includes/|web/wp-content|google_recommends|mt-static)/
On 15/03/12 00:39, Alex wrote:
One clue: "X-Originating-IP: [41.189.207.189]"
Check the various RBL hits on that address. ;)
Are there existing plugins for this?
Is there a way to check a range to see if it's part of a known
blacklisted botnet?
Or if you don't expect to receive email from
Hi,
>> Note that URL, yet another p0ned WordPress website (the
>> "/wp-content/plugins/" stuff). Now you get a hint of why I hate
>> "install-and-forget" websites.
>> When ever I run into p0ned websites their domain name goes into my
>> private URIBL list. They don't get spam past me again.
>>
>
>
On 14/03/12 03:09, David B Funk wrote:
On Tue, 13 Mar 2012, Alex wrote:
Hi,
http://pastebin.com/raw.php?i=iquXBnH0
While I could create a rule to block this specific domain, or submit
it to a RBL, I'd appreciate any ideas how to more generally block
them, rather than by one characteristic
On 14/03/12 03:09, David B Funk wrote:
On Tue, 13 Mar 2012, Alex wrote:
Hi,
http://pastebin.com/raw.php?i=iquXBnH0
While I could create a rule to block this specific domain, or submit
it to a RBL, I'd appreciate any ideas how to more generally block
them, rather than by one characteristic
On 14/03/12 02:36, Alex wrote:
Hi,
http://pastebin.com/raw.php?i=iquXBnH0
While I could create a rule to block this specific domain, or submit
it to a RBL, I'd appreciate any ideas how to more generally block
them, rather than by one characteristic in the message.
We need more examples.
On Tue, 13 Mar 2012, Alex wrote:
Hi,
http://pastebin.com/raw.php?i=iquXBnH0
While I could create a rule to block this specific domain, or submit
it to a RBL, I'd appreciate any ideas how to more generally block
them, rather than by one characteristic in the message.
We need more examples.
Hi,
>>> http://pastebin.com/raw.php?i=iquXBnH0
>>
>>> While I could create a rule to block this specific domain, or submit
>>> it to a RBL, I'd appreciate any ideas how to more generally block
>>> them, rather than by one characteristic in the message.
>>
>> We need more examples.
>
> That just oc
Hi,
>> http://pastebin.com/raw.php?i=iquXBnH0
>
>> While I could create a rule to block this specific domain, or submit
>> it to a RBL, I'd appreciate any ideas how to more generally block
>> them, rather than by one characteristic in the message.
>
> We need more examples.
That just occurred to
On 03/13, Alex wrote:
> http://pastebin.com/raw.php?i=iquXBnH0
> While I could create a rule to block this specific domain, or submit
> it to a RBL, I'd appreciate any ideas how to more generally block
> them, rather than by one characteristic in the message.
We need more examples.
> Maybe this
Hi all,
I have a fedora15 system with spamassassin-3.3.2 and for quite some
time I've been trying to block this frequent pattern originating from
various networks, but always a similar short body with a URI:
http://pastebin.com/raw.php?i=iquXBnH0
The domain in this sample isn't currently blackli
12 matches
Mail list logo